Background: Virtual Private Server

I have a virtual private server that I'm looking to host multiple websites on, and provide access to another web developer. I don't care about putting too many constraints on him, though I wouldn't mind isolating the site that he'll be developing from other sites on the server that I will develop.

The problem: retain control

Mainly what I want is to make sure that I retain control over the server in the future. I want to reserve the ability to create/promote/demote and other administrative functions that don't deal with web software. If I make him an admin, he can sudo su - and become root and remove root control from me, for example.

I need him not to be able to:

take away other admin permissions

change the root password

have control over other security/administrative functions

I would like him to still be able to:

install software (through apt-get)

restart apache

access mysql

configure mysql/apache

reboot

edit web development configuration type files in /etc/

Other Standard Setups would be happily considered

I've never really set up a good sudoers file, so simple example setups would be very useful, even if they're only somewhat similar to the settings that I'm hoping for above.

Edit: I have not yet finalized permissions, so standard, useful sudo setups are certainly an option, the lists above are more what I'm hoping I can do, I don't know that that setup can be done. I'm sure that people have solved this type of problem before somehow, though, and I'd like to go with something somewhat tested as opposed to something I've homegrown.

3 Answers
3

Depending on the amount of applications you want to allow him to perform, an option would be to allow him to execute commands withou even having to sudo. This could prevent you from giving him a root access, while still allowing him to perform his tasks:
To do this, add in the sudoers file a line like this one for each application he should be allowed to do:

username ALL=NOPASSWD: /path/to/application

Edit: the virtual machine solution would for sure be the safest option

Just be aware that many applications you might normally use could end up providing a root shell. vim and emacs for example would allow the sudoed user to get root easily.
–
Bill LynchMar 16 '10 at 17:51

Unfortunately given the privileges you have given him there really isn't a good way create a foolproof configuration prevent him from trying to block access from you. Being able to edit arbitrary files in /etc, being able to install software almost certainly means that the person will have the ability to bypass anything you setup with sudo.

The real question comes back to physical access. If you have physical access to the system there really is nothing that he can do that you cannot easily bypass by simply rebooting the system from a livecd and repairing things.

I believe these days most people address this kind of an issue by setting up a VM and giving access within the VM. If they do something wrong or make a configuration error then fixing things is usually a reboot away.

+1 for the VM approach. Give him an isolated VM, let him manage it the way he wants.
–
SunnyMar 16 '10 at 17:44

Question edited to clarify: This is on a VPS/VM that I am paying for, not a dedicated server that I could slice into VMs. As far as editing abilities, my lists were a wishlist, I've clarified them as: I need the security/control, I would like, if I can get it, the permissiveness where it doesn't conflict with the security/control.
–
KzqaiMar 16 '10 at 18:39